[clug] Why is my SSH port forwarding failing all of a sudden?

Chris Smart clug at christophersmart.com
Wed Feb 3 11:56:24 UTC 2016

On 03/02/16 20:53, Tony Lewis wrote:
> On 03/02/16 20:40, Tony Lewis wrote:
>> I cannot figure it out but will keep an eye on it to see if it
>> misbehaves again.  It's probably me, but I just cannot figure out what
>> I broke and how I fixed it.
> Oh.  Found it.
> The client authenticates as user tunnel on the tunnel server using a
> public key.  Somewhere along the way, adding a new user, I had reset the
> password, with the intent of locking it afterwards ("passwd -l
> tunnel").  I expired it instead ("passwd -e tunnel").  The PKI
> authentication worked, or at least appeared to work, as the account is
> configured to not give a shell and only tunnel ports.
> But that's the difference.  An expired password, which is where the
> login progam won't let you log in without setting a new password, locks
> at least tunnelling, and probably locks any session itself. Setting the
> password to something dumb and then locking the account has fixed the
> problem.
> So, again, thanks for the input.

Nice one, glad you found it!


 ^ ^

More information about the linux mailing list